GNUCitizen has discovered an RSS reader vulnerability in Sage (a firefox plugin).
My Blackhat Presentation Link: Zero Day Subscriptions: Using RSS and Atom Feeds As Attack Delivery Systems (Power Point)
My RSS Whitepaper: http://www.spidynamics.com/assets/documents/HackingFeeds.pdf
Advisory Link: http://www.gnucitizen.org/blog/cross-context-scripting-with-sage/
RSS Security Issues Repository Link: RSS Security